32 matches found
EUVD-2018-17780
Malware in sbrugna...
EUVD-2018-17781
Malware in sbrugna...
CVE-2023-22503
Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space. This occurs via an Information Disclosure vulnerability in the macro preview feature. This vulnerability was reported by Roj...
CVE-2023-22503
Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space. This occurs via an Information Disclosure vulnerability in the macro preview feature. This vulnerability was reported by Roj...
Information disclosure via Synchrony service
Affected versions of Atlassian Confluence Server allow remote attackers to view sensitive information via an Information Disclosure vulnerability in the Synchrony service. This vulnerability was discovered by Rojan Rijal of Tinder Security Engineering. The affected versions are before version...
Watch out! Tinder and Grindr users targeted by cruel scammers using real abuse photos
A horrible catfishing scam is using real abuse photos in order to lure in unsuspecting victims on sites like Tinder and Grindr. Recently unearthed by Bleeping Computer, it works like this: Boy meets good-looking girl on dating site. The longer they talk, boy notices the conversation turning into ...
Recovering from romance scams with Cindy Liebes: Lock and Code S03E10
Earlier this year, many members of the public were introduced to the facets of a long-ignored crime in cyberspace: The romance scam. A flashy documentary called The Tinder Swindler had premiered on Netflix, and in it, filmmakers documented the efforts of one man to manipulate several women into...
am.ik.github:reactive-github-client (>=0.0.1 <=0.0.4), ca.uhn.hapi.fhir:hapi-fhir-jpaserver-base (>=3.1.0 <=3.2.0) +218 more potentially affected by CVE-2018-15756 via org.springframework:spring-core (=5.0.0.RELEASE)
org.springframework:spring-core MAVEN version =5.0.0.RELEASE is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework:spring-core and may be impacted: - am.ik.github:reactive-github-client =0.0.1, =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.0,...
A week in security (January 20 – 26)
Last week on Malwarebytes Labs, we reported on a Ryuk ransomware attack on The Tampa Bay Times, a newspaper in Florida; unmasked an elaborate browser locking scheme behind the more advanced tech support operations that are currently active; and looked at the latest laws on regulating deepfakes...
Wallarm to Sponsor KubeCon + CloudNative Con
If you have not registered yet for the main Kubernetes event in North America which will start on December 10th in Seattle, you may be out of luck. The event is sold out and is only taking the waitlist applications. But if you are going, KubeCon + CloudNativeCon promises to be a treat with the...
A week in security (February 19 – February 25)
Last week on Malwarebytes Labs, we gave readers a primer on encryption, took a stab at that Deepfakes tool Internet users seem to be interested in, and started a new series that talks about GDPR. We also looked at a drive-by download campaign that starts in booby-trapped Chinese websites that dro...
Match Group Tinder iOS app and Tinder Android app information disclosure vulnerability
Match Group Tinder iOS app and Tinder Android app are both products of Match Group, Inc.Tinder iOS app is an online dating app based on iOS platform.Tinder Android app is an online dating app based on Android. A security vulnerability exists in the Match Group Tinder iOS app and Tinder Android ap...
Match Group Tinder iOS app and Tinder Android app information disclosure vulnerability (CNVD-2018-03079)
Match Group Tinder iOS app and Tinder Android app are both products of Match Group, Inc.Tinder iOS app is an online dating app based on iOS platform.Tinder Android app is an online dating app based on Android. A security vulnerability exists in the Match Group Tinder iOS app and Tinder Android ap...
CVE-2018-6018
Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to extract private sensitive information by sniffing network traffic...
CVE-2018-6017
Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to extract private sensitive information by sniffing network traffic...
Code injection
Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to extract private sensitive information by sniffing network traffic...
Code injection
Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to extract private sensitive information by sniffing network traffic...
CVE-2018-6018
Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to extract private sensitive information by sniffing network traffic...
CVE-2018-6018
CVE-2018-6018 affects the Tinder iOS and Tinder Android apps. The underlying issue is described as fixed sizes of HTTPS responses, which enables an attacker to sniff network traffic and extract private, sensitive information. Connected sources corroborate a Match Group Tinder information disclosu...
CVE-2018-6017
CVE-2018-6017 : Tinder iOS and Tinder Android apps expose private sensitive data by transmitting images without encryption. Multiple sources (NVD/NVD mirror; CNVD/CNVD-2018-03079; CVE record) describe a lack of transport security that enables network sniffing to recover images. Affected software:...